Microsoft Registered Partner Small Business Specialist VAT number GB 873185892 Registered company number 5440703
50 Liverpool Street London EC2M 7PY Covering London Central, City, Docklands, London West End, Shoreditch, Stratford, Hackney, and surrounding areas.
Cornwallis House Howard’s Chase Basildon Essex SS14 3BB Covering Basildon, Southend, Shoeburyness, Brentwood, Billericay, Chelmsford, Thurrock, Lakeside and surrounding areas
Copyright 2015 DGT Technology Ltd Privacy Policy About us

Ransomware : What is all the fuss about?

Why you should be worried.

How to stop it damaging your business.

How big is the problem? Ransomware   is   a   big   issue   and   growing   exponentially   bigger   all   the   time.   Security researchers   say   there   are   over   120   separate   “families”   of   ransomware   and   the number   of   victims   tripled   in   the   first   3   months   of   2016.   There   are   ways   to   change the   ransomware   so   that   it   is   not   detected   by   anti-virus   programs   -   a   “variant”   - which keeps the number of victims going up and up. What does it do? Ransomware is a virus that will run on your computer. You can get it delivered by email, USB stick, from a website or any way you usually receive data. When activated, the virus will find any document on your computer and on any network connection your computer has access to including your company server shares. It will then encrypt these files so that they are scrambled and unreadable. It will also scramble the filenames so for example the document on your PC that was an Excel budget spreadsheet called “April budget 2016.xlsx” would become “ADG3E5TDFYU583AX” and the contents scrambled by an encryption key to make it totally unusable. There is usually another file in the same folder as your encrypted files with instructions on how to pay to get the unlock key to restore your files. To pay or not? What are your options if this happens to you? If you are a home user with no backups then the only way to get your files back is to pay and hope you get your files unlocked. If you pay, be aware that this money is going to criminal gangs and could be financing drugs, terrorism or worse. Also, make sure the virus has been cleaned and removed from your computer otherwise you may find your files are encrypted again in no time and you need to pay again (in fact there are reports that if you do pay then you are likely to be targeted again). If you are a business then you should have backups in place so that you can clean the virus, delete the encrypted files, and restore your files from backups. Very inconvenient and you may lose some work if your backups only happen once a day, which is typical. How can I prevent it from happening? Obviously keeping a good anti-virus program up to date with regular scans, email filtering and perhaps even an additional malware software will all help to stop a ransomware virus gettng through but with so many new varients appearing all the time it is quite likely you will be at risk. The best prevention is to make sure all your staff are aware of the problem and be suspicious of every file they receive. For example, in one attack, an email was received by a user that appeared to be from themselves - clearly they knew they hadn’t sent themselves this email. The user then opened the email, downloaded the file attachment and ran it. Despite the usual security warning questions and being asked to enable macros in the Word document they went ahead anyway and ran the ransomware. Keep very good backups. Make sure you can go back to a point in time and get a copy of your files. Why not test getting a few files back before you have a problem to make sure everything works as expected and you know how to do it? Even if all your files are encrypted you should be able to go back to a point just before the problem occurred. Help! I have ransomware The most important thing to do is to clean your system. If you have a new varient that wasn’t detected by your anti-virus software then you can upload a sample of the ransomware file (all anti-virus companies have a place on their website where you can upload sample files) for them to analyse and release new code which will update your system automatically to detect and clean the virus. A recently launched website “No More Ransomware” www.nomoreransom.org will help guide you if you have been attacked. What is being done about the problem? Ransomware is being taken very seriously because of the amount of money being paid to criminals. Europol and the Netherlands police are involved with the No More Ransom website. Researchers from the University of Florida are working on a system called Crypto Drop that should any varient of ransomware by analysing it’s behaviour. In one test, 10 files were encrypted out of a total of 5,099 before the system stopped the encryption. For the time being, take care and check your backups. If you need help implementing or reviewing your backups please contact us.
2016-08-01 /  Article #10
Microsoft Registered Partner Small Business Specialist VAT number GB 873185892 Registered company number 5440703
50 Liverpool Street London EC2M 7PY Covering London Central, City, Docklands, London West End, Shoreditch, Stratford, Hackney, and surrounding areas.
Cornwallis House Howard’s Chase Basildon Essex SS14 3BB Covering Basildon, Southend, Shoeburyness, Brentwood, Billericay, Chelmsford, Thurrock, Lakeside and surrounding areas
Copyright 2015 DGT Technology Ltd Privacy Policy About us
0208 819 1360

Ransomware : What is all the

fuss about?

Why you should be worried.

How to stop it damaging your

business.

How big is the problem? Ransomware    is    a    big    issue    and    growing    exponentially bigger   all   the   time.   Security   researchers   say   there   are   over 120   separate   “families”   of   ransomware   and   the   number   of victims   tripled   in   the   first   3   months   of   2016.   There   are ways   to   change   the   ransomware   so   that   it   is   not   detected by   anti-virus   programs   -   a   “variant”   -   which   keeps   the number of victims going up and up. What does it do? Ransomware is a virus that will run on your computer. You can get it delivered by email, USB stick, from a website or any way you usually receive data. When activated, the virus will find any document on your computer and on any network connection your computer has access to including your company server shares. It will then encrypt these files so that they are scrambled and unreadable. It will also scramble the filenames so for example the document on your PC that was an Excel budget spreadsheet called “April budget 2016.xlsx” would become “ADG3E5TDFYU583AX” and the contents scrambled by an encryption key to make it totally unusable. There is usually another file in the same folder as your encrypted files with instructions on how to pay to get the unlock key to restore your files. To pay or not? What are your options if this happens to you? If you are a home user with no backups then the only way to get your files back is to pay and hope you get your files unlocked. If you pay, be aware that this money is going to criminal gangs and could be financing drugs, terrorism or worse. Also, make sure the virus has been cleaned and removed from your computer otherwise you may find your files are encrypted again in no time and you need to pay again (in fact there are reports that if you do pay then you are likely to be targeted again). If you are a business then you should have backups in place so that you can clean the virus, delete the encrypted files, and restore your files from backups. Very inconvenient and you may lose some work if your backups only happen once a day, which is typical. How can I prevent it from happening? Obviously keeping a good anti-virus program up to date with regular scans, email filtering and perhaps even an additional malware software will all help to stop a ransomware virus gettng through but with so many new varients appearing all the time it is quite likely you will be at risk. The best prevention is to make sure all your staff are aware of the problem and be suspicious of every file they receive. For example, in one attack, an email was received by a user that appeared to be from themselves - clearly they knew they hadn’t sent themselves this email. The user then opened the email, downloaded the file attachment and ran it. Despite the usual security warning questions and being asked to enable macros in the Word document they went ahead anyway and ran the ransomware. Keep very good backups. Make sure you can go back to a point in time and get a copy of your files. Why not test getting a few files back before you have a problem to make sure everything works as expected and you know how to do it? Even if all your files are encrypted you should be able to go back to a point just before the problem occurred. Help! I have ransomware The most important thing to do is to clean your system. If you have a new varient that wasn’t detected by your anti- virus software then you can upload a sample of the ransomware file (all anti-virus companies have a place on their website where you can upload sample files) for them to analyse and release new code which will update your system automatically to detect and clean the virus. A recently launched website “No More Ransomware” www.nomoreransom.org will help guide you if you have been attacked. What is being done about the problem? Ransomware is being taken very seriously because of the amount of money being paid to criminals. Europol and the Netherlands police are involved with the No More Ransom website. Researchers from the University of Florida are working on a system called Crypto Drop that should any varient of ransomware by analysing it’s behaviour. In one test, 10 files were encrypted out of a total of 5,099 before the system stopped the encryption. For the time being, take care and check your backups. If you need help implementing or reviewing your backups please contact us.

Request a callback

Your name

Phone number

Your email

Company name 

Enter the number code here
 
0208 819 1360